Calories and cholesterol aren’t the only reasons to think twice about cookies these days. Now, electronic cookies received by your web browser are threatening your students’ privacy‹and maybe your own.

In the online world, a cookie is a small piece of information saved to your hard drive the first time you visit a site that uses cookies. The cookie is passed to your hard drive by the web site’s server and is saved in a text file called “cookie.txt.” When you return to that site, the web server is able to identify you by reading information in the cookie.

Cookie files are very small, taking up no more than 4K of space. They are supported by most major browsers, including Netscape and Internet Explorer. Because cookies are passed on to you without your knowledge or consent, they have become a cause for alarm. But not to worry‹eSchool News will brief you on how to safeguard yourself and your students.

Why cookies?

The main purpose of a cookie is to identify a web site’s users and possibly prepare customized web pages for them. When you access a site that uses cookies, you may be asked to fill out a form providing information such as your name and interests. This information is packaged into a cookie and saved on your hard drive.

The next time you visit the same web site, your browser will send the cookie to the web server. The server then can use this information to present you with customized web pages. Instead of seeing just a generic welcome page, for example, you might see a welcome page with your name on it.

Cookies are also used to identify you when you want to access a site that requires registration, such as the New York Times web site. The cookie records the information you give the site when you first register and recalls it when you type in your user name and password the next time you visit. If you didn’t have a cookie, you’d have to reregister each time you tried to access the site.

So cookies were originally conceived to make it easier for you to access your favorite web sites without having to go through a lengthy process of identifying yourself each time you visit. They were also designed to create greater interactivity between a web site and its user.

What are the dangers?

Yet somewhere along the way, the original intent of cookies has been expanded. Advertisers have realized the value of information stored in cookie files as a marketing tool, and they’ve begun using cookies to target ads to you based on your profile of interests and browsing habits.

This has led to concerns about how the information you provide to a site is being used. Some sites have begun selling or trading the information stored in your cookie to advertisers or others.

The less information you provide about yourself or your students, the lower the risk of abuse. Cookies can only contain the information you provide to a web site‹they cannot read your hard drive to find out who you are or where you live.

Even so, concern is growing about how cookies can “track” your surfing habits and store this information for someone else to use.

A case now pending in a federal court might determine whether cookies stored on government (or school) computers are public records (see eSchool News, March), subject to the scrutiny of anyone who wishes to access them, or whether they are private. The plaintiff in the case, the publisher of an online newspaper, filed suit against the town of Cookeville, Tenn., claiming the town government’s refusal to hand over access to its employees’ cookie files violated his First Amendment rights. The newspaper wanted to see what sites the government employees were visiting.

The decision in this case could set a dangerous precedent. (Imagine being fired because your browser’s cookies revealed you’d visited a pornographic site‹when you were only checking whether your filtering software blocked that particular site.)

How to protect yourselves and your students

An informative site called Cookie Central gives information on how to find and edit your cookies in the latest browser versions and how to configure your browser to reject cookies. It also offers cookie demos, frequently asked questions, and information about cookie-blocking software.

The trouble with blocking cookies, though, is that they’re still useful in many ways. Mark Powers, the webmaster for NationalGeographic.com‹a popular education site‹told eSchool News that some areas of his site won’t function properly if your browser is set up to refuse cookies. This is true particularly if students are playing an interactive online game, Powers said.

NationalGeographic.com posts a privacy policy on its home page that tells visitors what type of information its cookies collect and how that information is used by the site. The policy pledges that information is never collected from children under 18 without an adult’s consent and that personal information is never given out to third parties for any reason. Information is given to advertisers only in the form of grouped statistics.

“No web site can retrieve personal information about students that they don’t type in themselves,” Powers said. “Protecting students’ privacy becomes an issue of training‹we have to teach kids not to give out information online.”

Powers suggested that you take steps to limit students’ internet use to sites that are reputable‹for example, those that post a privacy policy such as NationalGeographic.com’s or that otherwise protect their users’ privacy.

“I’m a fan of limiting sites rather than limiting the technology used to browse those sites,” said Powers.

Some software companies make cookie protection software that will allow your browser to accept or reject cookies according to your specifications. Limit Software’s Cookie Crusher is one example. You can configure it with a list of sites that should and should not be allowed to set cookies. This feature allows you and your students to view trusted sites freely, while still protecting your browsing privacy.

Cookie Central

http://www.cookiecentral.com<

National Geographic

http://www.nationalgeographic.com

The Limit Software

http://www.thelimitsoft.com